LiveActive security incident?Get immediate response
CVE Record

CVE-2023-52836: locking/ww_mutex/test: Fix potential workqueue corruption

In the Linux kernel, the following vulnerability has been resolved: locking/ww_mutex/test: Fix potential workqueue corruption In some cases running with the test-ww_mutex code, I was seeing odd behavior where sometimes it seemed flush_workqueue was returning before all the work threads were finished. Often this would cause strange crashes as the mutexes would be freed while they were being used. Looking at the code, there is a lifetime problem as the controlling thread that spawns the work allocates the "struct stress" structures that are passed to the workqueue threads. Then when the workqueue threads are finished, they free the stress struct that was passed to them. Unfortunately the workqueue work_struct node is in the stress struct. Which means the work_struct is freed before the work thread returns and while flush_workqueue is waiting. It seems like a better idea to have the controlling thread both allocate and free the stress structures, so that we can be sure we don't corrupt the workqueue by freeing the structure prematurely. So this patch reworks the test to do so, and with this change I no longer see the early flush_workqueue returns.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysislow

Security readout for executives and security teams

Plain-English summary

CVE-2023-52836 is a Linux kernel issue in ww_mutex test code. A test work item can be freed too early, corrupting workqueue state and causing crashes during that test. Public sources do not show active exploitation or a remote attack path.

Executive priority

Treat this as a routine kernel maintenance item unless your organization runs kernel selftests or custom kernel validation at scale. There is no sourced evidence of active exploitation, but crashes in test infrastructure can still disrupt engineering and release pipelines.

Technical view

The flaw is a lifetime bug in locking/ww_mutex/test. Worker threads freed a stress structure containing the embedded work_struct before the workqueue machinery was done with it. The fix moves allocation and freeing responsibility to the controlling thread, preventing premature free and workqueue corruption.

Likely exposure

Exposure appears limited to Linux systems with affected kernel code where the ww_mutex test path is built and run. The CVE metadata lists Linux kernel stable lines affected and links stable fixes. Ordinary production systems may never execute this test path, but kernel version and configuration should be verified.

Exploitation context

No KEV listing is present, and the provided sources do not report active exploitation. The described impact is corruption and crashes observed while running kernel test-ww_mutex code, not a documented privilege-escalation or remote exploitation scenario.

Researcher notes

The public record lacks CVSS, CWE, and detailed exploitability assessment. Analysis should focus on whether the ww_mutex test code is compiled and executed in your environment, and whether downstream kernels have backported one of the linked stable patches.

Mitigation direction

  • Identify Linux kernel versions in use across servers, appliances, and build environments.
  • Check your Linux distribution or kernel vendor guidance for CVE-2023-52836 backports.
  • Upgrade to a vendor kernel containing the referenced stable fix.
  • Prioritize systems that build or run Linux kernel selftests or ww_mutex test code.

Validation and detection

  • Compare running kernel versions with vendor advisories for this CVE.
  • Confirm the applicable stable commit is present in your kernel source or changelog.
  • Review kernel build configuration and test workflows for ww_mutex test usage.
  • Check crash reports for workqueue or ww_mutex test failures during kernel testing.
Prepared
Confidence
medium
Sources
11

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2023-52836 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
2ADP providers
10Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
CVECVE Program Container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0ef, 2a0c11282881875dc44f166a20eedf0d866dd0efunaffected
LinuxLinux4.11, 0, 4.14.331, 4.19.300, 5.4.262, 5.10.202, 5.15.140, 6.1.64, 6.5.13, 6.6.3, 6.7affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.